<?
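/**
 * Gate for admin pages: returns only for an authorised session; otherwise
 * prints the "access denied" page or the login form and ends the request.
 *
 * Processes `adminaction=login` / `adminaction=logout` first, then decides by
 * $_SESSION["userdata"]["type"]:
 *  - "admin":   always allowed;
 *  - "manager": allowed when `permissions` holds a truthy `access` value for
 *               the current zone and this user id;
 *  - "restore": allowed on backup.php only;
 *  - otherwise: the login template is printed and the script exits.
 *
 * The zone is $_SERVER['SCRIPT_NAME'] with every '/forest/' removed.
 *
 * @return void
 */
function check_security()
{
	$action = isset($_REQUEST["adminaction"]) ? $_REQUEST["adminaction"] : null;
	if ($action === "login") admin_login();
	// Logout only blanks the stored user record; the session itself is kept.
	if ($action === "logout") $_SESSION["userdata"] = "";

	// After logout "userdata" is an empty string, so only index into it when it is an array.
	$user = (isset($_SESSION["userdata"]) && is_array($_SESSION["userdata"])) ? $_SESSION["userdata"] : array();
	$type = isset($user["type"]) ? $user["type"] : null;

	// Strict comparison on purpose: with ==, a non-string value such as integer 0
	// compares equal to any of these role names on PHP < 8.
	if ($type === "admin") return;

	if ($type === "manager") {
		$zone = str_replace('/forest/', '', $_SERVER['SCRIPT_NAME']);
		$user_id = isset($user["id"]) ? (int)$user["id"] : 0;
		// Both values are escaped/cast before they reach the SQL text, so the
		// permission check does not depend on them being well-formed.
		// NOTE(review): ext/mysql was removed in PHP 7; prepared statements via
		// PDO or mysqli are the durable fix for every query in this file.
		$access = ScalarSelect(
			"select access from permissions where zone='" . mysql_real_escape_string($zone)
			. "' and userid=" . $user_id
		);
		if ($access) return;
		AdminAccessDenied();
		exit();
	}

	if ($type === "restore") {
		$zone = str_replace('/forest/', '', $_SERVER['SCRIPT_NAME']);
		if ($zone === "backup.php") return;
		AdminAccessDenied();
		exit();
	}

	// No recognised role: show the login form and stop.
	// NOTE(review): the submitted login is handed to the template unchanged;
	// confirm that TemplaterParse() or login.tpl HTML-escapes it.
	$dao = array();
	$dao["login"] = isset($_REQUEST["adminlogin"]) ? $_REQUEST["adminlogin"] : null;

	echo TemplaterParse(ReadContent($GLOBALS["root"] . "skins/admin/" . $GLOBALS["admin_skin"] . "/login.tpl"), $dao);
	exit();
}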


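/**
 * Handle a login attempt (`adminaction=login`).
 *
 * First probes the `manager` table. If that probe leaves an error message
 * longer than 10 characters, a "restore" session is created and the request
 * is redirected to /forest/backup.php. Otherwise the submitted login and
 * password are looked up in `manager`; on a match the row becomes
 * $_SESSION["userdata"] and ClearGet() is called. On a mismatch nothing
 * changes.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they are also
 * accepted in the query string, where they can end up in logs and browser
 * history. Reading them from $_POST only would avoid that.
 *
 * @return void
 */
function admin_login()
{
	// Probe: the result is discarded, only mysql_error() afterwards matters.
	mysql_query("select count(*) from manager");
	if (strlen(mysql_error()) > 10)
	{
		// NOTE(review): any error on the probe grants the "restore" role
		// without checking credentials. That covers a missing table, and
		// presumably also a database outage. Consider gating this branch
		// behind an explicit install-time flag or secret.
		if (session_id() !== '') session_regenerate_id(true);
		$_SESSION["userdata"] = Array("type"=>"restore","login"=>"restore","id"=>"0","title"=>"Создание сайта");
		Redirect("/forest/backup.php");
		exit;
	}

	// Missing or non-string parameters (e.g. adminlogin[]=x) are treated as empty.
	$login = (isset($_REQUEST['adminlogin']) && is_string($_REQUEST['adminlogin'])) ? $_REQUEST['adminlogin'] : '';
	$password = (isset($_REQUEST['adminpassword']) && is_string($_REQUEST['adminpassword'])) ? $_REQUEST['adminpassword'] : '';

	// NOTE(review): the submitted password is compared with the `password`
	// column verbatim, which suggests the column is not a salted hash. Verify,
	// and migrate to password_hash()/password_verify() if so.
	$res = mysql_query("select id,type,login from manager where login='".mysql_real_escape_string($login)."' and password='".mysql_real_escape_string($password)."'");

	// mysql_query() returns false on failure; do not pass that to mysql_num_rows().
	if ($res !== false && mysql_num_rows($res) > 0)
	{
		// Issue a fresh session id on privilege change, so an id known before
		// login is not carried into the authenticated session.
		if (session_id() !== '') session_regenerate_id(true);
		$_SESSION["userdata"] = mysql_fetch_array($res);
		ClearGet(LinkBuilder("adminaction="));
	}
}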


/**
 * Load a template of the active admin skin by name.
 *
 * Reads {root}skins/admin/{admin_skin}/{template_name}.tpl through
 * ReadContent() and returns whatever that call returns.
 *
 * NOTE(review): $template_name is placed into the path unchanged, so a name
 * containing path separators would resolve outside the skin directory.
 * Verify that every caller passes a fixed name and never request data.
 *
 * @param string $template_name Template file name without the ".tpl" suffix.
 */
function GetAdminTemplate($template_name)
{
	$skin_dir = $GLOBALS["root"] . "skins/admin/" . $GLOBALS["admin_skin"] . "/";
	$template_path = $skin_dir . $template_name . ".tpl";

	return ReadContent($template_path);
}




/**
 * Return the current admin page name taken from the request URI.
 *
 * Every "/forest/" is removed from $_SERVER["REQUEST_URI"], then everything
 * from the first "?" onwards is cut off.
 *
 * The result derives from the request line, so treat it as untrusted and
 * escape it for the context it is written into.
 *
 * @return string
 */
function AdminLinkBase(){
	$uri = str_replace("/forest/", "", $_SERVER["REQUEST_URI"]);

	$query_at = strpos($uri, "?");
	if ($query_at !== false) {
		$uri = substr($uri, 0, $query_at);
	}

	return $uri;
}


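/**
 * Render an admin page, or only its list/form fragment for AJAX requests.
 *
 * Builds the template data (menu, form, list, sort settings, sort link base)
 * and parses:
 *  - $list when `ajaxpart=list`,
 *  - $form when `ajaxpart=form`,
 *  - the skin's maket.tpl otherwise.
 * The parsed output is passed through ImagePath() with the skin directory.
 * For the two AJAX variants the "ajaxpart=..." parameter is also stripped
 * from the output.
 *
 * @param mixed $form Form template/markup, exposed to templates as "form".
 * @param mixed $list List template/markup, exposed to templates as "list".
 * @return mixed Result of ImagePath(), or of preg_replace() for AJAX parts.
 */
function RenderAdmin($form,$list)
{
	$skin_dir = "skins/admin/" . $GLOBALS["admin_skin"] . "/";
	$admin_maket = ReadContent($GLOBALS["root"] . $skin_dir . "maket.tpl");

	$dao = array();
	$dao["admin_menu"] = $GLOBALS["admin_menu"];
	// No page value exists in this function (the previous code read an undefined
	// local), so "currentpage" is explicitly null, as it effectively always was.
	// NOTE(review): if templates need it, fill it from AdminLinkBase() together
	// with output escaping, since that value derives from REQUEST_URI.
	$dao["currentpage"] = null;
	$dao["form"] = $form;
	$dao["list"] = $list;
	// NOTE(review): sortdir/sortby are request values forwarded unchanged;
	// confirm they are escaped on output and checked against an allow-list
	// wherever they are used to build an ORDER BY.
	$dao["sortdir"] = !empty($_REQUEST["sortdir"]) ? $_REQUEST["sortdir"] : "asc";
	$dao["sortby"] = !empty($_REQUEST["sortby"]) ? $_REQUEST["sortby"] : "pos";

	$pager = isset($_REQUEST["pager"]) ? $_REQUEST["pager"] : null;
	if ($pager === "showall") {
		$dao["sortbase"] = LinkBuilder("sortby=&sortdir=", true);
	} else {
		$dao["sortbase"] = LinkBuilder("sortby=&sortdir=&pager=", true);
	}

	$ajaxpart = isset($_REQUEST["ajaxpart"]) ? $_REQUEST["ajaxpart"] : null;
	if ($ajaxpart === "list") return preg_replace("/\&{0,1}ajaxpart=list/", "", ImagePath(TemplaterParse($list, $dao), $skin_dir));
	if ($ajaxpart === "form") return preg_replace("/\&{0,1}ajaxpart=form/", "", ImagePath(TemplaterParse($form, $dao), $skin_dir));

	return ImagePath(TemplaterParse($admin_maket, $dao), $skin_dir);
}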

/**
 * Look up the title of the current admin page in the global $admin_menu.
 *
 * The page key is $_SERVER["REQUEST_URI"] without its first character, cut
 * at the first "?", with every "forest/" removed. $admin_menu is walked as
 * a list of groups whose element [1] is a list of items; an item matches
 * when its [0] equals the page key, and its [1] is returned.
 *
 * @return mixed The matching item's title, or null when nothing matches.
 */
function GetAdminTitle()
{
	global $admin_menu;

	$path = substr($_SERVER["REQUEST_URI"], 1);
	$query_at = strpos($path, "?");
	if ($query_at !== false) {
		$path = substr($path, 0, $query_at);
	}
	$path = str_replace("forest/", "", $path);

	foreach ($admin_menu as $group) {
		foreach ($group[1] as $entry) {
			if ($entry[0] == $path) {
				return $entry[1];
			}
		}
	}
}

/**
 * Print the admin layout with an "insufficient rights" message in the form
 * area and an empty list area.
 *
 * This only produces output. It does not end the request, so a caller that
 * denies access has to stop execution itself. No HTTP status is set here,
 * so the response keeps whatever status is current (normally 200).
 *
 * @return void
 */
function AdminAccessDenied()
{
	// Message text (Russian): "You do not have sufficient rights to access this area".
	$denied_page = RenderAdmin("У Вас недостаточно прав для доступа в эту область", "");
	echo $denied_page;
}